[Bro] Parsing Modbus packet with Function code 15
Vishak Muthukumar
vmuthu at ucdavis.edu
Wed May 14 09:40:08 PDT 2014
Hi Seth Hall,
Sure, please go ahead and use the traffic.
Thanks for your quick responses.
Vishak
On Wed, May 14, 2014 at 9:24 AM, Seth Hall <seth at icir.org> wrote:
>
> On May 14, 2014, at 10:40 AM, Robin Sommer <robin at icir.org> wrote:
>
> > On Wed, May 14, 2014 at 03:08 -0700, Vishak Muthukumar wrote:
> >
> >> I have a trace file which has a write request to write to coil 0.
> >> But when I monitor that trace file in my bro script, I cannot see the
> coil
> >> value. It says the size of the coil vector is empty.
> >
> > Iirc, the analyzer doesn't further extract coil values yet.
>
> I was unable to find traffic that dealt with coils so I left that out.
> Most of the infrastructure is in place however. Vishak, can we use the
> traffic you submitted in our test suite if it works out when we look at it?
>
> .Seth
>
> --
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> http://www.bro.org/
>
>
--
Vishak Muthukumar
Graduate Student
University of California, Davis
Phone : +15303025318
Skype id: vishakm92
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140514/f2fd1f2a/attachment.html
More information about the Bro
mailing list